Пример #1
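    def __init__(self, config_file=None):
        """Attempt to initialize a config dictionary from a yaml or toml file.

        Error out if loading the config file fails for any reason.

        A path ending in ``.toml`` is parsed with ``tomllib`` and only its
        ``[tool.bandit]`` table is kept; any other path is parsed with
        ``yaml.safe_load``. Without a config file, built-in defaults are used.

        :param config_file: The Bandit config file (yaml or toml)

        :raises bandit.utils.ConfigError: If the config is invalid or
            unreadable.
        """
        self.config_file = config_file
        self._config = {}

        if config_file:
            try:
                f = open(config_file, "rb")
            except OSError:
                raise utils.ConfigError("Could not read config file.",
                                        config_file)

            # A single ``with`` around both parser branches closes the handle
            # on every path, including the "parser not available" error.
            with f:
                if config_file.endswith(".toml"):
                    if tomllib is None:
                        raise utils.ConfigError(
                            "toml parser not available, reinstall with toml extra",
                            config_file,
                        )

                    try:
                        document = tomllib.load(f)
                    except tomllib.TOMLDecodeError as err:
                        LOG.error(err)
                        raise utils.ConfigError("Error parsing file.", config_file)

                    try:
                        self._config = document["tool"]["bandit"]
                    except (KeyError, TypeError) as err:
                        # Well-formed TOML without a usable [tool.bandit]
                        # table is a config error, not a raw KeyError or
                        # TypeError traceback.
                        LOG.error("No [tool.bandit] table found: %r", err)
                        raise utils.ConfigError("Error parsing file.", config_file)
                else:
                    try:
                        # safe_load restricts the document to standard YAML
                        # tags, so a config file cannot make the loader
                        # construct arbitrary Python objects.
                        self._config = yaml.safe_load(f)
                    except yaml.YAMLError as err:
                        LOG.error(err)
                        raise utils.ConfigError("Error parsing file.", config_file)

            # NOTE(review): validate() runs before the dict check below; if it
            # assumes a mapping, a non-dict document (e.g. an empty YAML file)
            # would fail there first - confirm against validate().
            self.validate(config_file)

            # valid config must be a dict
            if not isinstance(self._config, dict):
                raise utils.ConfigError("Error parsing file.", config_file)

            self.convert_legacy_config()

        else:
            # use sane defaults
            self._config["plugin_name_pattern"] = "*.py"
            self._config["include"] = ["*.py", "*.pyw"]

        self._init_settings()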
Пример #2
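    def __init__(self, config_file=None):
        '''Attempt to initialize a config dictionary from a yaml or toml file.

        Error out if loading the config file fails for any reason.

        A path ending in ``.toml`` is parsed with the ``toml`` package and
        only its ``[tool.bandit]`` table is kept; any other path is parsed
        with ``yaml.safe_load``. Without a config file, built-in defaults are
        used.

        :param config_file: The Bandit config file (yaml or toml)

        :raises bandit.utils.ConfigError: If the config is invalid or
            unreadable.
        '''
        self.config_file = config_file
        self._config = {}

        if config_file:
            try:
                f = open(config_file, 'r')
            except IOError:
                raise utils.ConfigError("Could not read config file.",
                                        config_file)

            # A single ``with`` around both parser branches closes the handle
            # on every path, including a failed ``import toml``.
            with f:
                if config_file.endswith('.toml'):
                    try:
                        import toml
                    except ImportError as err:
                        # A missing optional parser is reported through the
                        # documented exception instead of a raw ImportError.
                        LOG.error(err)
                        raise utils.ConfigError("toml parser not available",
                                                config_file)

                    try:
                        document = toml.load(f)
                    except toml.TomlDecodeError as err:
                        LOG.error(err)
                        raise utils.ConfigError("Error parsing file.", config_file)

                    try:
                        self._config = document['tool']['bandit']
                    except (KeyError, TypeError) as err:
                        # Well-formed TOML without a usable [tool.bandit]
                        # table is a config error, not a raw KeyError or
                        # TypeError traceback.
                        LOG.error("No [tool.bandit] table found: %r", err)
                        raise utils.ConfigError("Error parsing file.", config_file)
                else:
                    try:
                        # safe_load restricts the document to standard YAML
                        # tags, so a config file cannot make the loader
                        # construct arbitrary Python objects.
                        self._config = yaml.safe_load(f)
                    except yaml.YAMLError as err:
                        LOG.error(err)
                        raise utils.ConfigError("Error parsing file.", config_file)

            # NOTE(review): validate() runs before the dict check below; if it
            # assumes a mapping, a non-dict document (e.g. an empty YAML file)
            # would fail there first - confirm against validate().
            self.validate(config_file)

            # valid config must be a dict
            if not isinstance(self._config, dict):
                raise utils.ConfigError("Error parsing file.", config_file)

            self.convert_legacy_config()

        else:
            # use sane defaults
            self._config['plugin_name_pattern'] = '*.py'
            self._config['include'] = ['*.py', '*.pyw']

        self._init_settings()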
Пример #3
 def test_main_invalid_config(self):
     # bandit.main must exit with status 2 when building the config fails.
     # The failure is simulated by making the BanditConfig constructor raise
     # ConfigError, the error reported for an unparseable config file.
     config_error = utils.ConfigError('', '')
     constructor = 'bandit.core.config.BanditConfig.__init__'
     with mock.patch(constructor) as mock_bandit_config:
         mock_bandit_config.side_effect = config_error
         # SystemExit whose string form matches '2'
         with self.assertRaisesRegex(SystemExit, '2'):
             bandit.main()
Пример #4
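 def test_main_config_unopenable(self):
     # Test that bandit exits when a config file cannot be opened.
     #
     # The patch target must be the BanditConfig constructor.
     # 'bandit.core.config.__init__' names an attribute of the module object,
     # which constructing a BanditConfig never calls, so the ConfigError side
     # effect would never fire and the assertion could pass without
     # exercising the error path.
     with mock.patch('bandit.core.config.BanditConfig.__init__'
                     ) as mock_bandit_config:
         mock_bandit_config.side_effect = utils.ConfigError('', '')
         # assert a SystemExit with code 2
         self.assertRaisesRegex(SystemExit, '2', bandit.main)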
Пример #5
 def _test(key, block, exclude, include):
     # Reject a config that names `key` in the exclude or include list but has
     # no `block` entry (the lookup on self._config returns None).
     # `self`, `message`, `path` and `utils` come from the enclosing scope.
     key_is_listed = key in exclude or key in include
     if key_is_listed and self._config.get(block) is None:
         raise utils.ConfigError(message.format(key), path)